Disabling mac address learning for a vlan – H3C Technologies H3C S3100 Series Switches User Manual

1-9

By setting the maximum number of MAC addresses that can be learned from individual ports, the

administrator can control the number of the MAC address entries the MAC address table can

dynamically maintain. When the number of the MAC address entries learnt from a port reaches the set

value, the port stops learning MAC addresses.

Follow these steps to set the maximum number of MAC addresses a port can learn:

To do…

Use the command…

Remarks

Enter system view

system-view —

Enter Ethernet port view

interface interface-type
interface-number

—

Set the maximum number of MAC
addresses the port can learn

mac-address max-mac-count
count

Required

By default, the number of the MAC
addresses a port can learn is not
limited.

If you have configured the maximum number of MAC addresses that a port can learn, you cannot

enable the MAC address authentication or port security functions on the port, and vice versa.

Disabling MAC Address learning for a VLAN

The contents of this section are only applicable to the S3100-EI series among S3100 series switches.

You can disable a switch from learning MAC addresses in specific VLANs to improve stability and

security for the users belong to these VLANs and prevent unauthorized accesses.

Table 1-2 Disable MAC address learning for a VLAN

Operation

Command

Description

Enter system view

system-view

—

Enter VLAN view

vlan vlan-id —

Disable the switch from
learning MAC addresses in the
VLAN

mac-address max-mac-count 0

Required

By default, a switch learns MAC
addresses in any VLAN.